Since then it has continued to look into the problem and what it called "serious criminal activity" affecting a "significant" number of users.

"AOL's investigation is still underway, however, we have determined that there was unauthorised access to information regarding a significant number of user accounts," it said in a blog post.

"This information included AOL users' email addresses, postal addresses, address book contact information, encrypted passwords and encrypted answers to security questions that we ask when a user resets his or her password, as well as certain employee information".

The firm said that roughly two percent of AOL email accounts appear to be sending spoofed emails, but added that there is no suggestion that financial information has been plundered. Despite this users are advised to clean up their passwords.

"Although there is no indication that the encryption on the passwords or answers to security questions was broken, as a precautionary measure, we nevertheless strongly encourage our users and employees to reset their passwords used for any AOL service and, when doing so, also to change their security question and answer," it added.

"Our security team has put enhanced protective measures in place and we urge our users to take proactive steps to help ensure the security of their accounts. AOL is notifying potentially affected users and is committed to ensuring the protection of its users, employees and partners and addressing the situation as quickly and forcefully as we can." µ